If you’re looking for torrents to download pirated copies of popular games, be extra careful not to be tricked into downloading malicious and unwanted software instead.
According to Symantec researchers, who have been trawling popular torrent websites, there’s an active distribution campaign going on that delivers potentially unwanted apps (PUAs) posing as torrents for games like Assassin’s Creed Syndicate, The Witcher 3, World of Warcraft: Legion, The Walking Dead: Michonne, and several others.
At first glance, the torrent does not seems suspicious – its size is as small as expected from a torrent file.
After saying “Yes” to the UAC security dialogue that asks if they are sure they want to allow the program to make changes to the computer, users end up with a file downloaded from a Google Drive – a file that is considerably larger than a torrent file (around 3.5 MB) and is obviously an executable:
“If the user approves the download and runs the executable, the PUA downloader starts to execute additional PUA downloads and installations,” the researchers note.
“The PUA downloader may also check for virtual environments before silently downloading any additional PUAs. The installation of additional PUA software proceeds without any user interaction and without displaying any end-user license agreement (EULA). Symantec analysis shows the installed PUA programs may change the browser default home page, hide certain browser shortcuts, or replace existing browser shortcuts with shortcuts to third-party browsers containing advertisements.”
If you believe that seeing a bunch of unwanted ads is not so bad and not dangerous, remember that those ads can lead to more malicious apps, which you could also be tricked into installing.
Also, this same distribution model could also be easily exploited to spread other types of malware.
Downloading pirated content from torrents is always a risky proposition, and everybody who does it should know that.
But, unfortunately, there’s always going to be a new crop of young, inexperienced users who won’t be aware of the dangers, and that’s why warnings such as these are always topical.